Programmable logic devices (PLDs) are a well-known type of integrated circuit (IC) that can be programmed to perform specified logic functions. One type of PLD, the field programmable gate array (FPGA), typically includes an array of programmable tiles. These programmable tiles can include, for example, input/output blocks (IOBs), configurable logic blocks (CLBs), dedicated random access memory blocks (BRAM), multipliers, digital signal processing blocks (DSPs), processors, clock managers, delay lock loops (DLLs), and so forth.
Each programmable tile typically includes both programmable interconnect and programmable logic. The programmable interconnect typically includes a large number of interconnect lines of varying lengths interconnected by programmable interconnect points (PIPs). In general, a PIP refers to a circuit component or mechanism that programmably connects or isolates two routing elements, e.g., wires or nodes, of a circuit within a PLD. The programmable logic implements the logic of a user design using programmable elements that can include, for example, function generators, registers, arithmetic logic, and so forth.
The programmable interconnect and programmable logic are typically programmed by loading a stream of configuration data into internal configuration memory cells that define how the programmable elements are configured. The configuration data can be read from memory (e.g., from an external PROM) or written into the FPGA by an external device. The collective states of the individual memory cells then determine the function of the FPGA.
Some circuit applications require that system components be isolated from one another. Within some military applications, for example, circuit designs must conform to a standard referred to as Multiple Independent Levels of Security (MILS). One aspect of MILS is the partitioning of a system so that the failure or corruption of any single partition will not corrupt any other partition of the system or cause such other partition(s) to fail.
In other cases, systems are designed with fault tolerance in mind. In such cases, the system is built with a degree of redundancy. A cryptographic application, for example, may utilize duplicate encryptors. The results from each duplicate portion of the circuit can be compared to guard against faults, whether accidental or malicious in nature. In such cases, the duplicate circuit structures should be isolated from one another to ensure that each portion of the circuit provides a result that is independent of the other.
In another example, consider a communication system having two different communication channels, each requiring a different level of security. Conventional approaches for implementing a system would be to use one IC to process the first communication channel and a second IC to process the second communication channel. Isolation is achieved through the use of two different ICs. When systems utilize cryptographic solutions, typically the protected portions of the circuit design are implemented using one IC, while unprotected portions of the circuit design are implemented using an entirely different IC.
In each case, more than one IC is used to achieve isolation despite the capability of the device to house more than one partition of the system. This approach minimizes the possibility that a failure of some sort, whether induced by a malicious attack or not, will expose sensitive data from within the IC and compromise security.